CVE-2004-0124

Sažetak

The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."

Reference

http://secunia.com/advisories/11065/
http://www.ciac.org/ciac/bulletins/o-115.shtml
http://www.kb.cert.org/vuls/id/212892
http://www.securityfocus.com/bid/10121
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-012
https://exchange.xforce.ibmcloud.com/vulnerabilities/15711
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1041
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1062
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1072

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

12-10-2018 - 21:34

Objavljeno

01-06-2004 - 04:00